This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa File: AS5089.roa (raw, json) Hash identifier: HPpgdsTihpZXryhXA97cc0hFXKY6RSNypn9l6+KUaeA= Subject key identifier: 62:AF:36:90:B9:B0:7E:96:C4:89:6D:8D:A1:E9:1C:C1:5F:A7:D1:A2 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 683B15F557F5C457634B97BDB4B410FE923A070F Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa Signing time: Fri 26 Dec 2025 16:55:32 +0000 ROA not before: Fri 26 Dec 2025 16:50:32 +0000 ROA not after: Fri 25 Dec 2026 16:55:32 +0000 asID: 5089 IP address blocks: 82.21.66.0/24 maxlen: 24 82.21.76.0/24 maxlen: 24 82.21.127.0/24 maxlen: 24 82.21.136.0/24 maxlen: 24 82.23.149.0/24 maxlen: 24 82.23.150.0/24 maxlen: 24 82.23.165.0/24 maxlen: 24 82.23.184.0/24 maxlen: 24 82.24.48.0/24 maxlen: 24 82.24.101.0/24 maxlen: 24 82.25.132.0/24 maxlen: 24 82.25.199.0/24 maxlen: 24 82.25.204.0/24 maxlen: 24 82.26.0.0/18 maxlen: 24 82.26.80.0/24 maxlen: 24 82.26.84.0/24 maxlen: 24 82.26.112.0/24 maxlen: 24 82.26.119.0/24 maxlen: 24 82.26.124.0/24 maxlen: 24 82.26.127.0/24 maxlen: 24 82.27.108.0/24 maxlen: 24 82.27.110.0/24 maxlen: 24 82.27.122.0/24 maxlen: 24 82.27.124.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:21:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:3b:15:f5:57:f5:c4:57:63:4b:97:bd:b4:b4:10:fe:92:3a:07:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Dec 26 16:50:32 2025 GMT Not After : Dec 25 16:55:32 2026 GMT Subject: CN=62AF3690B9B07E96C4896D8DA1E91CC15FA7D1A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:40:83:3f:3e:13:2d:6b:37:05:b2:00:b9:5f: ee:0f:91:4a:9c:ee:9e:88:b6:72:50:36:61:f8:3c: bd:3e:34:2b:ec:1f:ff:b1:b9:36:cd:9b:65:96:de: c6:93:78:ce:2a:7c:fe:dc:ce:b1:80:e3:2e:ad:50: 37:33:b3:ba:01:39:00:90:4a:de:8c:0f:de:86:e6: 33:6f:cf:26:af:e2:66:81:37:55:2f:7b:aa:1b:70: 4c:13:a5:c0:be:76:46:b0:fa:d9:2c:49:43:51:6d: 95:ff:67:ec:69:d3:7e:82:79:45:45:60:10:60:1c: 63:a0:ed:ac:76:44:c9:4c:08:43:65:6b:53:35:88: b1:fe:b0:32:b1:82:e4:55:21:5c:69:37:73:36:2e: 3a:7f:cb:d2:f7:20:34:30:e0:d0:55:3d:d4:c6:db: bc:9e:52:6e:7f:29:c0:03:56:e9:28:02:ac:b2:4d: 14:62:21:c8:e4:f2:33:1b:b7:be:56:06:f2:48:79: a7:49:d1:17:3f:11:fd:d1:d7:cf:58:c4:70:6b:03: 85:84:78:34:a1:fe:61:f4:15:91:d3:ab:9e:74:c8: 4d:41:de:fa:0e:5b:13:16:6c:0a:07:44:d8:02:d6: d0:0a:0c:35:54:ef:df:6a:a0:33:ed:cd:e1:33:cf: b8:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:AF:36:90:B9:B0:7E:96:C4:89:6D:8D:A1:E9:1C:C1:5F:A7:D1:A2 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.66.0/24 82.21.76.0/24 82.21.127.0/24 82.21.136.0/24 82.23.149.0-82.23.150.255 82.23.165.0/24 82.23.184.0/24 82.24.48.0/24 82.24.101.0/24 82.25.132.0/24 82.25.199.0/24 82.25.204.0/24 82.26.0.0/18 82.26.80.0/24 82.26.84.0/24 82.26.112.0/24 82.26.119.0/24 82.26.124.0/24 82.26.127.0/24 82.27.108.0/24 82.27.110.0/24 82.27.122.0/24 82.27.124.0/24 Signature Algorithm: sha256WithRSAEncryption 46:98:50:00:f0:0b:34:3d:18:0c:f5:c2:76:e3:cf:de:34:5e: 52:99:60:e9:4d:b9:4d:0f:87:46:52:7b:64:0e:3b:9e:fa:02: 8f:ac:00:6f:c2:48:1c:19:3f:5e:aa:e6:bb:15:bb:31:3e:97: 32:bf:f6:86:a1:d8:75:73:98:ac:66:3a:fe:90:a6:6f:2c:61: 60:e8:56:24:4e:54:7b:0e:af:38:77:ee:5d:e5:60:83:bf:79: e6:36:4c:1a:9b:f5:88:8e:d6:73:b7:9b:42:61:0c:9e:3f:76: 4b:9b:3b:2e:e6:fc:fd:89:fc:95:ff:77:3e:ea:24:9e:8d:fb: a2:72:a6:be:c0:ac:1b:9c:d8:47:76:16:87:0b:10:79:9a:66: 27:ae:3a:2c:0c:b7:28:8a:c4:c3:15:f8:be:90:89:ed:cf:f1: 48:d4:6b:2f:ce:9d:95:d9:3e:16:fd:d1:39:33:71:13:9f:bb: 1a:a4:d1:62:8f:3c:d4:41:85:81:39:2c:ef:ed:04:d2:2d:28: a4:90:e2:e0:e6:45:f3:75:e2:6f:b6:32:40:eb:ab:e9:9c:e3: 4a:e6:68:51:b7:e3:6e:0e:2b:47:e9:93:13:2d:24:65:f0:ea: 0d:74:6b:9e:7c:5a:3d:28:fa:6c:48:66:cc:ed:1a:8f:31:dc: a5:53:f2:fb -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgIUaDsV9Vf1xFdjS5e9tLQQ/pI6Bw8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTEyMjYxNjUwMzJaFw0yNjEyMjUxNjU1MzJaMDMxMTAvBgNV BAMTKDYyQUYzNjkwQjlCMDdFOTZDNDg5NkQ4REExRTkxQ0MxNUZBN0QxQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkQIM/PhMtazcFsgC5X+4PkUqc 7p6ItnJQNmH4PL0+NCvsH/+xuTbNm2WW3saTeM4qfP7czrGA4y6tUDczs7oBOQCQ St6MD96G5jNvzyav4maBN1Uve6obcEwTpcC+dkaw+tksSUNRbZX/Z+xp036CeUVF YBBgHGOg7ax2RMlMCENla1M1iLH+sDKxguRVIVxpN3M2Ljp/y9L3IDQw4NBVPdTG 27yeUm5/KcADVukoAqyyTRRiIcjk8jMbt75WBvJIeadJ0Rc/Ef3R189YxHBrA4WE eDSh/mH0FZHTq550yE1B3voOWxMWbAoHRNgC1tAKDDVU799qoDPtzeEzz7grAgMB AAGjggKZMIIClTAdBgNVHQ4EFgQUYq82kLmwfpbEiW2NoekcwV+n0aIwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA4OS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCBrwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSAwQA UhVCAwQAUhVMAwQAUhV/AwQAUhWIMAwDBABSF5UDBABSF5YDBABSF6UDBABSF7gD BABSGDADBABSGGUDBABSGYQDBABSGccDBABSGcwDBAZSGgADBABSGlADBABSGlQD BABSGnADBABSGncDBABSGnwDBABSGn8DBABSG2wDBABSG24DBABSG3oDBABSG3ww DQYJKoZIhvcNAQELBQADggEBAEaYUADwCzQ9GAz1wnbjz940XlKZYOlNuU0Ph0ZS e2QOO576Ao+sAG/CSBwZP16q5rsVuzE+lzK/9oah2HVzmKxmOv6Qpm8sYWDoViRO VHsOrzh37l3lYIO/eeY2TBqb9YiO1nO3m0JhDJ4/dkubOy7m/P2J/JX/dz7qJJ6N +6Jypr7ArBuc2Ed2FocLEHmaZieuOiwMtyiKxMMV+L6Qie3P8UjUay/OnZXZPhb9 0TkzcROfuxqk0WKPPNRBhYE5LO/tBNItKKSQ4uDmRfN14m+2MkDrq+mc40rmaFG3 424OK0fpkxMtJGXw6g10a558Wj0o+mxIZsztGo8x3KVT8vs= -----END CERTIFICATE-----Generated at Sun Jan 25 14:06:31 2026 by rpki-client